azure

Choosing an Appropriate Retention Period for Microsoft Sentinel Workspaces

Data Retention in Microsoft Sentinel When you deploy Microsoft Sentinel, one of the design decisions to make is how long data should be kept. This is part...

Knowledge Security

February 8, 2023

Logstash, Meet Sentinel… Sentinel, Meet Logstash!

Background In both our free workshop and popular Defending Enterprises training we heavily utilise Elastic’s Winlogbeat, Auditbeat, Filebeat and Packetbeat agents. In past editions this data finally ended up in an Elastic backend which was accessed...

Knowledge Security

November 26, 2022